[PATCH v0 2/6] iptables: Mask address when parsing ip/prefixlen

Daniel Wagner wagi at monom.org
Mon Feb 13 06:51:38 PST 2012


From: Daniel Wagner <daniel.wagner at bmw-carit.de>

Netfilter likes to have the address properly masked.
---
 src/iptables.c |    1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diff --git a/src/iptables.c b/src/iptables.c
index 80f63ec..7c62ec3 100644
--- a/src/iptables.c
+++ b/src/iptables.c
@@ -1498,6 +1498,7 @@ static int parse_ip_and_mask(const char *str, struct in_addr *ip, struct in_addr
 	}
 
 	mask->s_addr = htonl(tmp);
+	ip->s_addr = ip->s_addr & mask->s_addr;
 	err = 0;
 out:
 	g_strfreev(tokens);
-- 
1.7.9.48.g85da4d




More information about the connman mailing list